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WHAT IS CLAIMED IS: 

5^ (^7 \ 



1 1 . A method for global sign-on (GSO) comprising the steps of; 

2 receiving a user login; 

3 determining an existence of a first directory entry corresponding to said user in 

4 response to a firslLightweight Directory Access Protocol (LDAP) message; and 

5 logging saiaoiser into one or more data processing services in response to one or 

6 more corresponding stecond directory entries, and wherein each of said first and second 

7 directory entries represents a data structure in accordance with a corresponding first and 

8 second predetermined LDAP schema object. 

1 2. The method of claim 1 wherein each ofsaid corresponding second predetermined 

2 LDAP schema objects has one V more predetermined attributes, each of said one or 

3 more attributes having a set of obe or more values, and wherein a first one of said 

4 plurality of attributes is operable Vbr initiating a corresponding one of said data 

5 processing services. \ 

1 3 . The method of claim 2 wherein said step of logging said user into one or more 

2 data processing systems is in response to fiVst one of said plurality of attributes having 

3 a first predetermined data value. \ 

1 4. The method of claim 1 wherein said stejV)f logging said user into said one or 

2 more data processing services comprises the steps of: 
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each data processing service, reading a user identifier (UID) and a password 
from a corresponding one of said second directory entries; and 
logging in said user using said UID and said password. 
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5. The method of claim 1 further comprising the step of starting said one or more 
data processing seVices in response to one or more third directory entries, each of said 
third directory entries} representing a data structure in accordance with a corresponding 
third predetermined LDAP schema object. 
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6. The method of clatai 5 further comprising the step of invoking an initialization 
routine corresponding to each of said data processing services, wherein each of said 
corresponding third predetermined LDAP schema objects includes a set of one or more 
attributes, and wherein said initialization routine is determined in response to a value of 
a first attribute of said set of one or more attributes. 
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7. The method of claim 1 wherein said step of logging said user into one or more 
data processing services includes theVtep of determining if a first one of said data 
processing services requires a prerequisite service. 
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8. Themethod of claim 7 wherein each of\said corresponding second predetermined 
LDAP schema objects has one or more predetermined attributes, each of said one or 
more attributes having a set of one or more valueV, and wherein determining if said first 
one of said data processing services requires a prerequisite service is in response to a 
preselected value of a first one of said one or more attributes. 
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^. Ittie method of claim 1 wherein said step of logging said user into one or more 
data processing services includes the step of determining if a first one of said data 
processing sVvices takes an identifier value. 

10. The method of claim 9 wherein determining if a first one of said data processing 
services takes an iotentifier value is in response to a fourth directory entry, said fourth 
directory entry representing a data structure in accordance with a corresponding fourth 
predetermined LDAP schema object. 

1 1 . The method of claim 1 0 wherein said fourth predetermined LDAP schema obj ect 
has one or more predetermined attributes, each of said one or more attributes having a 
set of one or more values, md wherein determining if said first one of said data 
processing services takes an identifier value is in response to a preselected value of a first 
one of said one or more attributed 

1 2. The method of claim 1 1 further comprising the step of invoking an initialization 
routine corresponding to said first data processing service in response to an attribute 
value in a third directory entry corresponding to said first data processing service, said 
third directory entry representing a data Structure in accordance with a corresponding 
third predetermined LDAP schema objectAaid initialization routine being determined 
in response to said attribute value, and wherein said identifier value is passed to said 
initialization routine. \ 
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1 5| . The method of claim 9 wherein said identifier value is a required identifier value. 



14. The metftpd of claim 9 wherein said identifier value is an optional identifier 
value. 
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3 1^. A\computer program product embodied in a tangible storage medium, the 

4 program pnoduct including programming for global sign-on (GSO), the programming 

5 comprising instructions for performing the steps of: 

6 receiving a user login; 

7 determining an existence of a first directory entry corresponding to said user in 

8 response to a first lightweight Directory Access Protocol (LDAP) message; and 

9 logging said user into one or more data processing services in response to one or 

10 more second directory qntries , and wherein each of said first and second directory entries 

11 represents a data structure in accordance with a corresponding first and second 

12 predetermined LDAP schema object. 

1 16. The computer progranWoduct of claim 1 5 wherein each of said corresponding 

2 second predetermined LDAP scftema objects has one or more predetermined attributes, 

3 each of said one or more attributes having a set of one or more values, and wherein a first 

4 one of said plurality of attributes is Vperable for initiating a corresponding one of said 

5 data processing services. \ 

1 17. The computer program product of claim 1 6 wherein said step of logging said user 

2 into one or more data processing systems ij&n response to first one of said plurality of 

3 attributes having a first predetermined data value. 

1 18. The computer program product of claim 1 sVherein said step of logging said user 

2 into said one or more data processing services comprises the steps of: 
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I for eaqh data processing service, reading a user identifier (UID) and a password 
from a corresponding one of said second directory entries; and 
logging imsaid user using said UID and said password. 

19. The computerVogram product of claim 1 5 further comprising the step of starting 
said one or more data processing services in response to one or more third directory 
entries, each of said third airectory entries representing a data structure in accordance 
with a corresponding third predetermined LDAP schema object. 

20. The computer program product of claim 19 further comprising the step of 
invoking an initialization routine coiresponding to each of said data processing services, 
wherein each of said corresponding third predetermined LDAP schema objects includes 
a set of one or more attributes, and wher\in said initialization routine is determined in 
response to a value of a first attribute of satd set of one or more attributes. 

2 1 . The computer program product of claim v6 wherein said step of logging said user 
into one or more data processing services includesUhe step of determining if a first one 
of said data processing services requires a prerequisite service. 

22. The computer program product of claim 2 1 whetein each of said corresponding 
second predetermined LDAP schema objects has one or more predetermined attributes, 
each of said one or more attributes having a set of one oi\more values, and wherein 
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4 (determining if said first one of said data processing services requires a prerequisite 

5 service isVi response to a preselected value of a first one of said one or more attributes. 

1 23 . The computer program product of claim 1 5 wherein said step of logging said user 

2 into one or moreidata processing services includes the step of determining if a first one 

3 of said data processing services takes an identifier value. 

1 24. The computer program product of claim 23 wherein determining if a first one of 

2 said data processing services takes an identifier value is in response to a fourth directory 
g 3 entry, said fourth directory entry representing a data structure in accordance with a 
tj 4 corresponding fourth predetermined LDAP schema object. 

^ 1 25. The computer program Vroduct of claim 24 wherein said fourth predetermined 

™ 2 LDAP schema object has one or nWe predetermined attributes, each of said one or more 

□ 3 attributes having a set of one or mone values, and wherein determining if said first one of 

^ 4 said data processing services takes ariVdentifier value is in response to a preselected value 

~ t 5 of a first one of said one or more attributes. 

1 26. The computer program product of claim 25 further comprising the step of invoking 

2 an initialization routine corresponding to sard first data processing service in response to 

3 an attribute value in a third directory entry corresponding to said first data processing 

4 service, said third directory entry representing^ a data structure in accordance with a 

5 corresponding third predetermined LDAP schema Object, said initialization routine being 
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6 determined in response to said attribute value, and wherein said identifier value is passed 

7 to said initialization routine. 

1 27. The computer program product of claim 23 wherein said identifier value is a 

2 required identifier valu A 

1 28. The computer program product of claim 23 wherein said identifier value is an 

2 optional identifier value. \ 
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2$. A data processing system for global sign-on (GSO) comprising: 
circuitry operable for receiving a user login; 

circuity operable for determining an existence of a first directory entry 
corresponding t\said user in response to a first Lightweight Directory Access Protocol 
(LDAP) message; Vid 

circuitry operable for logging said user into one or more data processing services 
in response to one or more second directory entries, and wherein each of said first and 
second directory entries represents a data structure in accordance with a corresponding 
first and second predetermined LDAP schema object. 

30. The data processing system of claim 29 wherein each of said corresponding 
second predetermined LDAP schema objects has one or more predetermined attributes, 
each of said one or more attributes naving a set of one or more values, and wherein a first 
one of said plurality of attributes is operable for initiating a corresponding one of said data 
processing services. \ 

3 1 . The data processing system of claim 3 0 wherein said circuitry operable for logging 
said user into one or more data processing systems is operable in response to first one of 
said plurality of attributes having a first precfletermined data value. 

32. The data processing system of claim 29 wfterein said circuitry operable for logging 
said user into said one or more data processing sewices comprises: 

circuitry operable for, for each data processing service, reading a user identifier 
(UID) and a password from a corresponding one of said second directory entries; and 
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5 \ circuit^ operable for logging in said user using said UID and said password. 

1 33 . The data processing system of claim 29 further comprising circuitry operable for 

2 starting said one ok more data processing services in response to one or more third 

3 directory entries, eacW of said third directory entries representing a data structure in 

4 accordance with a correVponding third predetermined LDAP schema object. 

1 34. The data processingVystem of claim 33 further comprising circuitry operable for 

2 invoking an initialization rouftne corresponding to each of said data processing services, 

3 wherein each of said corresponding third predetermined LDAP schema objects includes 

4 a set of one or more attributes, abd wherein said initialization routine is determined in 

5 response to a value of a first attribute of said set of one or more attributes. 

1 35. The data processing system of craim 29 wherein said circuitry operable for logging 

2 said user into one or more data processing services includes circuitry operable for 

3 determining if a first one of said data processing services requires a prerequisite service. 

4 \ 

1 36. The data processing system of claim 36 wherein each of said corresponding 

2 second predetermined LDAP schema objects hasVne or more predetermined attributes, 

3 each of said one or more attributes having a set of one or more values, and wherein 

4 determining if said first one of said data processing sendees requires a prerequisite service 

5 is in response to a preselected value of a first one of said one or more attributes. 
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37. \The data processing system of claim 29 wherein said circuitry operable for logging 
said use\ into one or more data processing services includes circuitry operable for 
determining if a first one of said data processing services takes an identifier value. 



1 38. The daVi processing system of claim 37 wherein said circuitry operable for 

2 determining if aNprst one of said data processing services takes an identifier value is 

3 operable in response to a fourth directory entry, said fourth directory entry representing 

4 a data structure in accordance with a corresponding fourth predetermined LDAP schema 

5 object. 

1 39. The data processing system of claim 3 8 wherein said fourth predetermined LDAP 

2 schema object has one or more predetermined attributes, each of said one or more 

3 attributes having a set of one or more values, and wherein determining if said first one of 

4 said data processing services takes an identifier value is in response to a preselected value 

5 of a first one of said one or moraattributes. 



Li 



1 40. The data processing system ©f claim 39 further comprising circuitry operable for 

2 invoking an initialization routine coVesponding to said first data processing service in 

3 response to an attribute value in a third directory entry corresponding to said first data 

4 processing service, said third directory entry representing a data structure in accordance 

5 with a corresponding third predetermined KDAP schema object, said initialization routine 

6 being determined in response to said attribute value, and wherein said identifier value is 

7 passed to said initialization routine. 
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1 41. \ The dataNprocessing system of claim 37 wherein said identifier value is a required 

2 identifier value. \ 

1 42. The data processing system of claim 37 wherein said identifier value is an optional 

2 identifier value. \ 
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